home

riched20.dll

Microsoft RichEdit Control, version 5.0

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft RichEdit Control, version 5.0

Description:
Rich Text Edit Control, v5.0

Version:
5.50.99.2012

MD5:
450013df2b53104a350b43e835f41dd3

SHA-1:
f8d4159a56c296e80eeea566e33826cd5c525c8b

SHA-256:
d6af2634bc867aaf7ed034458dca5afb98c5312465dd158497f3a2e4b60a25f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/5/2024 6:31:27 PM UTC  (today)

File size:
942.8 KB (965,400 bytes)

Product version:
5.0

Copyright:
Copyright © Microsoft Corp. 1997-2001.

Original file name:
MsftEdit.dll

File type:
Dynamic link library (Win32 DLL)

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
1/6/2005 7:20:19 AM

Valid to:
4/6/2006 7:30:19 AM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6105875800030000005A

File PE Metadata
Compilation timestamp:
12/14/2005 2:52:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:priRxHG1vRPEUbd0/YKE296ntN/hrzdyPmxT:pWRxHGAUbdERFMxEPmxT

Entry address:
0x1000

Entry point:
53, 33, DB, 39, 5C, 24, 0C, 56, 0F, 84, D4, 9A, 04, 00, 83, 7C, 24, 10, 01, 75, 5E, 8B, 35, 30, D0, 7C, 39, 68, 44, AA, 7D, 39, FF, D6, 68, 2C, AA, 7D, 39, FF, D6, 8B, 74, 24, 0C, 56, FF, 15, 34, D0, 7C, 39, 6A, 01, 89, 35, 74, AA, 7D, 39, E8, 3A, 00, 00, 00, 59, 3B, C3, 0F, 84, 8B, 97, 04, 00, 8B, C8, E8, 85, 00, 00, 00, A3, E4, A6, 7D, 39, 6A, 18, 68, CC, E7, 7C, 39, 68, 5C, AA, 7D, 39, E8, BD, 01, 00, 00, 83, C4, 0C, E8, 42, 02, 00, 00, 85, C0, 74, 03, 33, C0, 40, 5E, 5B, C2, 0C, 00, 6A, 40, FF, 74, 24...
 
[+]

Entropy:
6.6444

Code size:
816 KB (835,584 bytes)

The file riched20.dll has been seen being distributed by the following URL.

http://download.gt.17y.com/gt/1.25.9.3850/.../RICHED20.DLL

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.